"Combining Behavior Models to Secure Email Systems," CU Tech Report, Available at: www1.cs.columbia.edu/ids/publications/EMT-weijen.pdf (2003) [2 citations — 0 self]

by Salvatore J. Stolfo, Chia-wei Hu, Wei-jen Li, Shlomo Hershkop, Ke Wang, Olivier Nimeskern
http://www1.cs.columbia.edu/ids/publications/EMT-weijen.pdf

Abstract:

We introduce the Email Mining Toolkit (EMT), a system that implements behavior-based methods to improve security of email systems. Behavior models of email flows and email account usage may be used for a variety of detection tasks. Behavior-based models are quite different from "content-based" models in common use today, such as virus scanners. We evaluate the soundness of these techniques for the detection of the onset of viral propagations. The results achieved for the detection of the onset of viral propagations suggest email delivery should be egress rate limited - stored for a while and then forwarded - or a record of recently delivered emails should be kept in order to develop sufficient statistics to verify a propagation is ongoing. EMT can form part of a larger security platform that deals with email security issues in general. We present the variety of EMT models implemented to date and suggest other security tasks that may benefit from its detection capabilities.

Citations

441 The QBIC Project: Querying Images by Content Using Color, Texture, and Shape, Proc. Storage and Retrieval for Image and Video – Niblack - 1993
164 Estimating continuous distributions in Bayesian classifier – John, Langley - 1995
131 Throttling Viruses: Restricting Propagation to Defeat Malicious Mobile Code – Williamson - 2002
106 Integrated spatial and feature image systems: retrieval, analysis and compression – Smith - 1997
87 Introduction to Mathematical Statistics – Hogg, Craig - 1965
77 A Geometric Framework for Unsupervised Anomaly Detection: Detecting – Eskin, Arnold, et al. - 2002
71 Learning Patterns from Unix Process Execution Traces for Intrusion Detection – Lee, Stolfo, et al. - 1997
60 Mining audit data to build intrusion detection models, KDD-98 – Lee, Stolfo, et al.
57 Finding all cliques of an undirected graph [H – Bron, Kerbosch - 1973
23 Gauging similarity with n-grams: language independent categorization of text – Damashek - 1995
22 MET: An Experimental System for Malicious Email Tracking – Bhattacharyya, Schultz, et al. - 2002
16 MEF: Malicious Email Filter, A UNIX Mail Filter that Detects Malicious Windows Executables – Schultz, Eskin, et al. - 2001
5 Email networks and the spread of computer viruses, The American Physical Society – Newman, Forrest, et al. - 2002